Re: A way to lost your session in Cake 1.2RC3 :-)
At some point in time it was the intention that session ids would not be renewed for ajax requests. >From changeset 5982: Sessions id are not longer renewed if a request is from Ajax, or from requestAction(); When Security.level (1.2) or CAKE_SECURITY (1.1) is set the 'high' renewing of Session id only happens if request is 2 seconds after the last request. The 2 seconds threshold is still there in 1.2 RC3. On Nov 11, 7:37 am, AD7six <[EMAIL PROTECTED]> wrote: > On Nov 11, 8:15 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > Thanks, Gwoo. This helps :-) > > > Where to get more information about behavour of security levels? > > > I think in 'high' level Cake performs a Referrer checks. This is why I > > lose sessions in case described above. > > It does, but that probably isn't relevant. With high security the > session id changes on each request (as mentioned previously in the > thread) > > So normally you would have: > > GET / sessionid = void > sessionid #1 created > Response / sessionid = #1 > GET /abc sessionid = #1 > sessionid changed to #2 > Response /abc sessionid = #2 <- updated > GET /def sessionid = #2 > sessionid changed to #3 > Response /def sessionid = #3 <- updated > GET /xyz sessionid = #3 > sessionid changed to #4 > Response /xyz sessionid = #4 <- updated > > with the sessionid stored in the cookie client side (obviously). On > the server the session id changes as soon as the request is received. > Irgo if you send two or more concurrent requests without waiting for > the response e.g.: > > GET / sessionid = void > sessionid #1 created > Response / sessionid = #1 > GET /abc sessionid = #1 <- session doesn't exist > <- session id #2 generated, session id #1 deleted > GET /def sessionid = #1 <- session doesn't exist > Response /def or redirect /users/login sessionid = #new > > It isn't quite so simple, but in principle that's what you're looking > at. If you set security to medium, the session id persists for the > life of your browser session, hence concurrent requests will not cause > you to loose your session. > > hth, > > AD --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
On Nov 11, 10:37 am, AD7six <[EMAIL PROTECTED]> wrote: > On Nov 11, 8:15 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > Thanks, Gwoo. This helps :-) > > > Where to get more information about behavour of security levels? > > > I think in 'high' level Cake performs a Referrer checks. This is why I > > lose sessions in case described above. > > It does, but that probably isn't relevant. With high security the > session id changes on each request (as mentioned previously in the > thread) > > So normally you would have: > > GET / sessionid = void > sessionid #1 created > Response / sessionid = #1 > GET /abc sessionid = #1 > sessionid changed to #2 > Response /abc sessionid = #2 <- updated > GET /def sessionid = #2 > sessionid changed to #3 > Response /def sessionid = #3 <- updated > GET /xyz sessionid = #3 > sessionid changed to #4 > Response /xyz sessionid = #4 <- updated > > with the sessionid stored in the cookie client side (obviously). On > the server the session id changes as soon as the request is received. > Irgo if you send two or more concurrent requests without waiting for > the response e.g.: > > GET / sessionid = void > sessionid #1 created > Response / sessionid = #1 > GET /abc sessionid = #1 <- session doesn't exist > <- session id #2 generated, session id #1 deleted > GET /def sessionid = #1 <- session doesn't exist > Response /def or redirect /users/login sessionid = #new Whoops: GET / sessionid = void sessionid #1 created Response / sessionid = #1 GET /abc sessionid = #1 <- session exists <- session id #2 generated, session id #1 deleted GET /def sessionid = #1 <- session doesn't exist Response /def or redirect /users/login sessionid = #new So if you have impatient users, Asynchronous ajax and or missing images/css/js files - you can easily find you get "logged out" often. hth & is clear, AD --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
On Nov 11, 8:15 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > Thanks, Gwoo. This helps :-) > > Where to get more information about behavour of security levels? > > I think in 'high' level Cake performs a Referrer checks. This is why I > lose sessions in case described above. It does, but that probably isn't relevant. With high security the session id changes on each request (as mentioned previously in the thread) So normally you would have: GET / sessionid = void sessionid #1 created Response / sessionid = #1 GET /abc sessionid = #1 sessionid changed to #2 Response /abc sessionid = #2 <- updated GET /def sessionid = #2 sessionid changed to #3 Response /def sessionid = #3 <- updated GET /xyz sessionid = #3 sessionid changed to #4 Response /xyz sessionid = #4 <- updated with the sessionid stored in the cookie client side (obviously). On the server the session id changes as soon as the request is received. Irgo if you send two or more concurrent requests without waiting for the response e.g.: GET / sessionid = void sessionid #1 created Response / sessionid = #1 GET /abc sessionid = #1 <- session doesn't exist <- session id #2 generated, session id #1 deleted GET /def sessionid = #1 <- session doesn't exist Response /def or redirect /users/login sessionid = #new It isn't quite so simple, but in principle that's what you're looking at. If you set security to medium, the session id persists for the life of your browser session, hence concurrent requests will not cause you to loose your session. hth, AD --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
Thanks, Gwoo. This helps :-) Where to get more information about behavour of security levels? I think in 'high' level Cake performs a Referrer checks. This is why I lose sessions in case described above. What are other effects of 'high', 'medium' and 'low' security levels settings? Except a cookie lifetime of course :-) On 11 нояб, 06:02, Gwoo <[EMAIL PROTECTED]> wrote: > You may want to try setting Security.level to medium in config/core.php --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
This Is Not A Security Issue. Nor Is It A Php Issue. We Are Dealing With Query And Connection Speed And Core With Ajax. Not Php! On 11/10/2008, Frobozz <[EMAIL PROTECTED]> wrote: > > As mentioned below you have to decrease security level in core.php. > Described behaviour is not the bug, it's a protection from hacks. > > On 11 нояб, 00:45, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: >> It's simple: >> >> In your application, click on a link to one action, then click on a >> link to the second action without waiting of results of first action. >> Session data lost. >> >> A heavy-loaded server and complex database query, generated by first >> action/Model or slow network connection may help you to do this :-) >> >> I think it's not a bug, but is there a hope for correcting the >> situation? > > > -- Xavier A. Mathews Student/Developer/Web-Master GG Client Based Tech Support Specialist Hazel Crest Illinois [EMAIL PROTECTED]@[EMAIL PROTECTED] "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
As mentioned below you have to decrease security level in core.php. Described behaviour is not the bug, it's a protection from hacks. On 11 нояб, 00:45, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > It's simple: > > In your application, click on a link to one action, then click on a > link to the second action without waiting of results of first action. > Session data lost. > > A heavy-loaded server and complex database query, generated by first > action/Model or slow network connection may help you to do this :-) > > I think it's not a bug, but is there a hope for correcting the > situation? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
Hold On I Thought You Gave That Advice To Another Client. Thats Spaming... Anyways Kyle And I Have This One. On 11/10/2008, Gwoo <[EMAIL PROTECTED]> wrote: > > You may want to try setting Security.level to medium in config/core.php > > > -- Xavier A. Mathews Student/Developer/Web-Master GG Client Based Tech Support Specialist Hazel Crest Illinois [EMAIL PROTECTED]@[EMAIL PROTECTED] "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
You may want to try setting Security.level to medium in config/core.php --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
LOL No Problem It Was The Best Responce That I Have Heard All Day. On 11/10/2008, validkeys <[EMAIL PROTECTED]> wrote: > > thanks for the reinforcement Xavier. haha :) > > On Nov 10, 6:06 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: >> It sounds like it could be a thery. >> >> On 11/10/2008, validkeys <[EMAIL PROTECTED]> wrote: >> >> >> >> >> >> > From tracing the sql queries when using the database to store the >> > session data, it seems as though on every call it deletes the current >> > session record from the database and then inserts a new one. If you >> > refreshed after that first deletion but before the second insert, you >> > would no longer have a session in the database. >> >> > Am I talking out of my ass or does that sound like something that >> > could happen? >> >> > On Nov 10, 4:13 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: >> >> Why would a longer query make a slower speed when the query has >> >> nothing to do with the connection. >> >> >> On 11/10/2008, francky06l <[EMAIL PROTECTED]> wrote: >> >> >> > Are the link ajax one ? >> >> > This, is I believe due to the security level., set it to medium. I >> >> > guess when during long queries/slow connection your second query is >> >> > there before the first one is gone ..making an "hijacking session" .. >> >> >> > On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> >> >> > wrote: >> >> >> Im not sure. I have had similar problems when using a database. >> >> >> Anyone >> >> >> else have the same problem / advice? >> >> >> >> On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: >> >> >> >> > No, I store sessions in files, in /tmp directory. Database useage >> >> >> > may >> >> >> > help to resolve this problem? >> >> >> >> > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> >> >> >> > wrote: >> >> >> >> > > I have had this problem before, where I click links quickly and >> >> >> > > it >> >> >> > > blows up my session data. Are you using the database to manage >> >> >> > > your >> >> >> > > sessions? >> >> >> >> > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> >> >> >> > > wrote: >> >> >> >> > > > It's simple: >> >> >> >> > > > In your application, click on a link to one action, then click >> >> >> > > > on >> >> >> > > > a >> >> >> > > > link to the second action without waiting of results of first >> >> >> > > > action. >> >> >> > > > Session data lost. >> >> >> >> > > > A heavy-loaded server and complex database query, generated by >> >> >> > > > first >> >> >> > > > action/Model or slow network connection may help you to do >> >> >> > > > this >> >> >> > > > :-) >> >> >> >> > > > I think it's not a bug, but is there a hope for correcting the >> >> >> > > > situation? >> >> >> -- >> >> B= *•*Beautiful*•* >> >> E= *•*Elegant*•* >> >> Y= *•*Young*•* >> >> O= *•*Original*•* >> >> N= *•*Natural*•* >> >> C= *•*Clever*•* >> >> E= *•*Enthralling*•* >> >> (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) >> >> `•.¸(*)Beyoncè`s #1 Fan(*) >> >> (¸.•*(¸.•*´`*•.¸ )*•.¸) >> >> Xavier A. Mathews >> >> Student/Developer/Web-Master >> >> GG Client Based Tech Support Specialist >> >> Hazel Crest Illinois >> >> [EMAIL PROTECTED]@[EMAIL PROTECTED] >> >> "Fear of a name, only increases fear of the thing itself." >> >> -- >> B= *•*Beautiful*•* >> E= *•*Elegant*•* >> Y= *•*Young*•* >> O= *•*Original*•* >> N= *•*Natural*•* >> C= *•*Clever*•* >> E= *•*Enthralling*•* >> (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) >> `•.¸(*)Beyoncè`s #1 Fan(*) >> (¸.•*(¸.•*´`*•.¸ )*•.¸) >> Xavier A. Mathews >> Student/Developer/Web-Master >> GG Client Based Tech Support Specialist >> Hazel Crest Illinois >> [EMAIL PROTECTED]@[EMAIL PROTECTED] >> "Fear of a name, only increases fear of the thing itself." > > > -- B= *•*Beautiful*•* E= *•*Elegant*•* Y= *•*Young*•* O= *•*Original*•* N= *•*Natural*•* C= *•*Clever*•* E= *•*Enthralling*•* (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) `•.¸(*)Beyoncè`s #1 Fan(*) (¸.•*(¸.•*´`*•.¸ )*•.¸) Xavier A. Mathews Student/Developer/Web-Master GG Client Based Tech Support Specialist Hazel Crest Illinois [EMAIL PROTECTED]@[EMAIL PROTECTED] "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
thanks for the reinforcement Xavier. haha :) On Nov 10, 6:06 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: > It sounds like it could be a thery. > > On 11/10/2008, validkeys <[EMAIL PROTECTED]> wrote: > > > > > > > From tracing the sql queries when using the database to store the > > session data, it seems as though on every call it deletes the current > > session record from the database and then inserts a new one. If you > > refreshed after that first deletion but before the second insert, you > > would no longer have a session in the database. > > > Am I talking out of my ass or does that sound like something that > > could happen? > > > On Nov 10, 4:13 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: > >> Why would a longer query make a slower speed when the query has > >> nothing to do with the connection. > > >> On 11/10/2008, francky06l <[EMAIL PROTECTED]> wrote: > > >> > Are the link ajax one ? > >> > This, is I believe due to the security level., set it to medium. I > >> > guess when during long queries/slow connection your second query is > >> > there before the first one is gone ..making an "hijacking session" .. > > >> > On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> > >> > wrote: > >> >> Im not sure. I have had similar problems when using a database. Anyone > >> >> else have the same problem / advice? > > >> >> On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > >> >> > No, I store sessions in files, in /tmp directory. Database useage may > >> >> > help to resolve this problem? > > >> >> > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: > > >> >> > > I have had this problem before, where I click links quickly and it > >> >> > > blows up my session data. Are you using the database to manage your > >> >> > > sessions? > > >> >> > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> > >> >> > > wrote: > > >> >> > > > It's simple: > > >> >> > > > In your application, click on a link to one action, then click on > >> >> > > > a > >> >> > > > link to the second action without waiting of results of first > >> >> > > > action. > >> >> > > > Session data lost. > > >> >> > > > A heavy-loaded server and complex database query, generated by > >> >> > > > first > >> >> > > > action/Model or slow network connection may help you to do this > >> >> > > > :-) > > >> >> > > > I think it's not a bug, but is there a hope for correcting the > >> >> > > > situation? > > >> -- > >> B= *•*Beautiful*•* > >> E= *•*Elegant*•* > >> Y= *•*Young*•* > >> O= *•*Original*•* > >> N= *•*Natural*•* > >> C= *•*Clever*•* > >> E= *•*Enthralling*•* > >> (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) > >> `•.¸(*)Beyoncè`s #1 Fan(*) > >> (¸.•*(¸.•*´`*•.¸ )*•.¸) > >> Xavier A. Mathews > >> Student/Developer/Web-Master > >> GG Client Based Tech Support Specialist > >> Hazel Crest Illinois > >> [EMAIL PROTECTED]@[EMAIL PROTECTED] > >> "Fear of a name, only increases fear of the thing itself." > > -- > B= *•*Beautiful*•* > E= *•*Elegant*•* > Y= *•*Young*•* > O= *•*Original*•* > N= *•*Natural*•* > C= *•*Clever*•* > E= *•*Enthralling*•* > (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) > `•.¸(*)Beyoncè`s #1 Fan(*) > (¸.•*(¸.•*´`*•.¸ )*•.¸) > Xavier A. Mathews > Student/Developer/Web-Master > GG Client Based Tech Support Specialist > Hazel Crest Illinois > [EMAIL PROTECTED]@[EMAIL PROTECTED] > "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
It sounds like it could be a thery. On 11/10/2008, validkeys <[EMAIL PROTECTED]> wrote: > > From tracing the sql queries when using the database to store the > session data, it seems as though on every call it deletes the current > session record from the database and then inserts a new one. If you > refreshed after that first deletion but before the second insert, you > would no longer have a session in the database. > > Am I talking out of my ass or does that sound like something that > could happen? > > On Nov 10, 4:13 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: >> Why would a longer query make a slower speed when the query has >> nothing to do with the connection. >> >> On 11/10/2008, francky06l <[EMAIL PROTECTED]> wrote: >> >> >> >> >> >> > Are the link ajax one ? >> > This, is I believe due to the security level., set it to medium. I >> > guess when during long queries/slow connection your second query is >> > there before the first one is gone ..making an "hijacking session" .. >> >> > On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> >> > wrote: >> >> Im not sure. I have had similar problems when using a database. Anyone >> >> else have the same problem / advice? >> >> >> On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: >> >> >> > No, I store sessions in files, in /tmp directory. Database useage may >> >> > help to resolve this problem? >> >> >> > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: >> >> >> > > I have had this problem before, where I click links quickly and it >> >> > > blows up my session data. Are you using the database to manage your >> >> > > sessions? >> >> >> > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> >> >> > > wrote: >> >> >> > > > It's simple: >> >> >> > > > In your application, click on a link to one action, then click on >> >> > > > a >> >> > > > link to the second action without waiting of results of first >> >> > > > action. >> >> > > > Session data lost. >> >> >> > > > A heavy-loaded server and complex database query, generated by >> >> > > > first >> >> > > > action/Model or slow network connection may help you to do this >> >> > > > :-) >> >> >> > > > I think it's not a bug, but is there a hope for correcting the >> >> > > > situation? >> >> -- >> B= *•*Beautiful*•* >> E= *•*Elegant*•* >> Y= *•*Young*•* >> O= *•*Original*•* >> N= *•*Natural*•* >> C= *•*Clever*•* >> E= *•*Enthralling*•* >> (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) >> `•.¸(*)Beyoncè`s #1 Fan(*) >> (¸.•*(¸.•*´`*•.¸ )*•.¸) >> Xavier A. Mathews >> Student/Developer/Web-Master >> GG Client Based Tech Support Specialist >> Hazel Crest Illinois >> [EMAIL PROTECTED]@[EMAIL PROTECTED] >> "Fear of a name, only increases fear of the thing itself." > > > -- B= *•*Beautiful*•* E= *•*Elegant*•* Y= *•*Young*•* O= *•*Original*•* N= *•*Natural*•* C= *•*Clever*•* E= *•*Enthralling*•* (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) `•.¸(*)Beyoncè`s #1 Fan(*) (¸.•*(¸.•*´`*•.¸ )*•.¸) Xavier A. Mathews Student/Developer/Web-Master GG Client Based Tech Support Specialist Hazel Crest Illinois [EMAIL PROTECTED]@[EMAIL PROTECTED] "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
>From tracing the sql queries when using the database to store the session data, it seems as though on every call it deletes the current session record from the database and then inserts a new one. If you refreshed after that first deletion but before the second insert, you would no longer have a session in the database. Am I talking out of my ass or does that sound like something that could happen? On Nov 10, 4:13 pm, "Xavier Mathews" <[EMAIL PROTECTED]> wrote: > Why would a longer query make a slower speed when the query has > nothing to do with the connection. > > On 11/10/2008, francky06l <[EMAIL PROTECTED]> wrote: > > > > > > > Are the link ajax one ? > > This, is I believe due to the security level., set it to medium. I > > guess when during long queries/slow connection your second query is > > there before the first one is gone ..making an "hijacking session" .. > > > On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> > > wrote: > >> Im not sure. I have had similar problems when using a database. Anyone > >> else have the same problem / advice? > > >> On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > >> > No, I store sessions in files, in /tmp directory. Database useage may > >> > help to resolve this problem? > > >> > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: > > >> > > I have had this problem before, where I click links quickly and it > >> > > blows up my session data. Are you using the database to manage your > >> > > sessions? > > >> > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > >> > > > It's simple: > > >> > > > In your application, click on a link to one action, then click on a > >> > > > link to the second action without waiting of results of first > >> > > > action. > >> > > > Session data lost. > > >> > > > A heavy-loaded server and complex database query, generated by first > >> > > > action/Model or slow network connection may help you to do this :-) > > >> > > > I think it's not a bug, but is there a hope for correcting the > >> > > > situation? > > -- > B= *•*Beautiful*•* > E= *•*Elegant*•* > Y= *•*Young*•* > O= *•*Original*•* > N= *•*Natural*•* > C= *•*Clever*•* > E= *•*Enthralling*•* > (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) > `•.¸(*)Beyoncè`s #1 Fan(*) > (¸.•*(¸.•*´`*•.¸ )*•.¸) > Xavier A. Mathews > Student/Developer/Web-Master > GG Client Based Tech Support Specialist > Hazel Crest Illinois > [EMAIL PROTECTED]@[EMAIL PROTECTED] > "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
Are the link ajax one ? This, is I believe due to the security level., set it to medium. I guess when during long queries/slow connection your second query is there before the first one is gone ..making an "hijacking session" .. On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> wrote: > Im not sure. I have had similar problems when using a database. Anyone > else have the same problem / advice? > > On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > No, I store sessions in files, in /tmp directory. Database useage may > > help to resolve this problem? > > > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: > > > > I have had this problem before, where I click links quickly and it > > > blows up my session data. Are you using the database to manage your > > > sessions? > > > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > > > It's simple: > > > > > In your application, click on a link to one action, then click on a > > > > link to the second action without waiting of results of first action. > > > > Session data lost. > > > > > A heavy-loaded server and complex database query, generated by first > > > > action/Model or slow network connection may help you to do this :-) > > > > > I think it's not a bug, but is there a hope for correcting the > > > > situation? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
Why would a longer query make a slower speed when the query has nothing to do with the connection. On 11/10/2008, francky06l <[EMAIL PROTECTED]> wrote: > > Are the link ajax one ? > This, is I believe due to the security level., set it to medium. I > guess when during long queries/slow connection your second query is > there before the first one is gone ..making an "hijacking session" .. > > On Nov 10, 10:18 pm, validkeys <[EMAIL PROTECTED]> > wrote: >> Im not sure. I have had similar problems when using a database. Anyone >> else have the same problem / advice? >> >> On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: >> >> > No, I store sessions in files, in /tmp directory. Database useage may >> > help to resolve this problem? >> >> > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: >> >> > > I have had this problem before, where I click links quickly and it >> > > blows up my session data. Are you using the database to manage your >> > > sessions? >> >> > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: >> >> > > > It's simple: >> >> > > > In your application, click on a link to one action, then click on a >> > > > link to the second action without waiting of results of first >> > > > action. >> > > > Session data lost. >> >> > > > A heavy-loaded server and complex database query, generated by first >> > > > action/Model or slow network connection may help you to do this :-) >> >> > > > I think it's not a bug, but is there a hope for correcting the >> > > > situation? > > > -- B= *•*Beautiful*•* E= *•*Elegant*•* Y= *•*Young*•* O= *•*Original*•* N= *•*Natural*•* C= *•*Clever*•* E= *•*Enthralling*•* (`*•.¸ (`*•.¸ ¸.•*´) ¸.•*´) `•.¸(*)Beyoncè`s #1 Fan(*) (¸.•*(¸.•*´`*•.¸ )*•.¸) Xavier A. Mathews Student/Developer/Web-Master GG Client Based Tech Support Specialist Hazel Crest Illinois [EMAIL PROTECTED]@[EMAIL PROTECTED] "Fear of a name, only increases fear of the thing itself." --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
Im not sure. I have had similar problems when using a database. Anyone else have the same problem / advice? On Nov 10, 12:36 pm, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > No, I store sessions in files, in /tmp directory. Database useage may > help to resolve this problem? > > On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: > > > I have had this problem before, where I click links quickly and it > > blows up my session data. Are you using the database to manage your > > sessions? > > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > > It's simple: > > > > In your application, click on a link to one action, then click on a > > > link to the second action without waiting of results of first action. > > > Session data lost. > > > > A heavy-loaded server and complex database query, generated by first > > > action/Model or slow network connection may help you to do this :-) > > > > I think it's not a bug, but is there a hope for correcting the > > > situation? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
No, I store sessions in files, in /tmp directory. Database useage may help to resolve this problem? On 10 нояб, 22:15, validkeys <[EMAIL PROTECTED]> wrote: > I have had this problem before, where I click links quickly and it > blows up my session data. Are you using the database to manage your > sessions? > > On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > > > It's simple: > > > In your application, click on a link to one action, then click on a > > link to the second action without waiting of results of first action. > > Session data lost. > > > A heavy-loaded server and complex database query, generated by first > > action/Model or slow network connection may help you to do this :-) > > > I think it's not a bug, but is there a hope for correcting the > > situation? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: A way to lost your session in Cake 1.2RC3 :-)
I have had this problem before, where I click links quickly and it blows up my session data. Are you using the database to manage your sessions? On Nov 10, 10:45 am, Serge Rodovnichenko <[EMAIL PROTECTED]> wrote: > It's simple: > > In your application, click on a link to one action, then click on a > link to the second action without waiting of results of first action. > Session data lost. > > A heavy-loaded server and complex database query, generated by first > action/Model or slow network connection may help you to do this :-) > > I think it's not a bug, but is there a hope for correcting the > situation? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---